Explore chapters and articles related to this topic
Organization Security Policies and Their After Effects
Published in Rohit Tanwar, Tanupriya Choudhury, Mazdak Zamani, Sunil Gupta, Information Security and Optimization, 2020
Premkumar Chithaluru, Ravi Prakash
In order to satisfy Cronan and Douglas (Cronan and Douglas 2006), cyber-security regulation is characterized as a series of actions on how computer protection can be handled at the management level. Information security, which includes maintaining the secrecy, credibility and quality of corporate data, helps to reduce the numerous threats that may be detrimental to business information by implementing appropriate security measures. There are various security standards and protocols that need to be addressed in order for organizations to adopt an appropriate set of controls to handle information security effectively. Such safety requirements and recommendations come from both internal and external channels within an enterprise.
Copy-Move Image Forgery Detection Using Redundant Keypoint Elimination Method
Published in S. Ramakrishnan, Cryptographic and Information Security, 2018
Zahra Hossein-Nejad, Mehdi Nasri
Information security means the protection of information and information systems from unauthorized activities, which include access, use, disclosure, reading, copying or recording, tampering, changing, and manipulation. The main concepts in information security are information confidentiality, integrity, and availability. Integrity means preventing unauthorized change of information and detecting the change in case of unauthorized manipulation of information. Integrity is violated when information is changed in an unauthorized way not only during transfer but also in use or storage. Today, the development of image processing and image editing software such as Adobe Photoshop® and Photo Editor has caused image forgery, and these images ultimately cause limitations in the information security system (Huang et al. 2008; Birajdar and Mankar 2013). In this chapter, while reviewing the methods of copy-move forgery detection, a method is presented that has a high accuracy in detecting forged areas. The Scale Invariant Feature Transform (SIFT) algorithm is one of the most common methods of forgery detection based on keypoints. One of the disadvantages of SIFT is the extraction of inappropriate keypoints, which cause an increased FP-rate and interference in the forgery areas detection. In this chapter, to solve the mentioned problem, the Redundant Keypoint Elimination Method-SIFT (RKEM-SIFT) is used to extract keypoints of the image by eliminating the redundant keypoints, which increases the accuracy of matching. To evaluate the performance of the proposed method, the MICC-F220 standard database is used to show the results of the experiments: the effectiveness of the proposed method in comparison with the classical methods.
Organizational information security culture in critical infrastructure: Developing and testing a scale and its relationships to other measures of information security
Published in Stein Haugen, Anne Barros, Coen van Gulijk, Trond Kongsvik, Jan Erik Vinnem, Safety and Reliability – Safe Societies in a Changing World, 2018
T.O. Nævestad, S. Frislid Meyer, J. Hovland Honerud
Information security is often defined as protection against breaches of confidentiality, integrity and accessibility. This applies to information that is oral, written or electronic. Confidentiality refers to ensuring that only those who are authorised to access information access it. Integrity refers to protecting the accuracy and entirety of information and processing methods. Accessibility refers to ensuring that authorised users have access to the information and associated equipment when necessary (Report to the Storting 29. 2011–2012).
Surveillance in Next-Generation Personalized Healthcare: Science and Ethics of Data Analytics in Healthcare
Published in The New Bioethics, 2021
Information security refers to the preservation of the integrity, availability and confidentiality of data. Since the introduction of electronic health records (EHRs), smartphones, and medical identity theft, there has been a growing concern over patients’ health data. Furthermore, many healthcare providers confess that they exchange crucial patient information with their colleagues over electronic devices such as their smartphones. These devices can easily be stolen, leaving confidential information vulnerable (Bromwich and Bromwich 2016). Healthcare providers are therefore encouraged to transmit private and confidential information through encrypted mobile devices. In addition to using encrypted devices, other measures such as firewalls and intrusion detection software have been identified to be effective. Regardless, healthcare facilities must implement full security programs to maintain the integrity of their data (Harman et al. 2012).
Organizational Citizenship Behavior Regarding Security: Leadership Approach Perspective
Published in Journal of Computer Information Systems, 2020
Ofir Turel, Zhengchuan Xu, Ken Guo
Information security is an important issue in modern organizations because information systems (IS) will likely fail to deliver value gains if they are not secure and may even hurt the organization when information security fails. This article aims to examine one particular challenge in security management: end-user security-related behavior. End-users, i.e. employees who use IS for their work, have long been viewed as an insider threat to IS security. When using IS in ways which are inconsistent with recommended security management best-practices, such as failing to encrypt data or change passwords, end-users may inadvertently put important organizational data at risk and potentially threaten the effective use of IS for supporting strategic and operational needs. In this study, we extend this perspective and suggest that end-users should not only be conceived as a potential problem; they can also be, if managed properly, a source for improving information security in organizations.
Information Security Policy Compliance: Leadership, Trust, Role Values, and Awareness
Published in Journal of Computer Information Systems, 2020
Alex Koohang, Alojzy Nowak, Joanna Paliszkiewicz, Jeretta Horn Nord
Information system vulnerability (i.e., OS command injection, SQL injection, buffer overflow, missing authorization, unrestricted upload of dangerous file types, reliance on untrusted inputs in a security decision, download of codes without integrity checks, weak passwords, and software infected with the virus among others) is the “ … weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source (see ref. 1, p. 87).” Information security threats are malware, phishing, proxies, spyware, adware, botnets, and spam among others. Information security threats are defined as “ … any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service (see ref. 1, pp. 85–86).”